From f33e553cfdb78da78643abba18f82af6f838e71b Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@haufe-lexware.com>
Date: Fri, 22 Mar 2019 10:55:04 +0100
Subject: [PATCH 1/2] always parse url instead of once

---
 passbook/app_gw/middleware.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/passbook/app_gw/middleware.py b/passbook/app_gw/middleware.py
index 208cdd937..c6218b0a7 100644
--- a/passbook/app_gw/middleware.py
+++ b/passbook/app_gw/middleware.py
@@ -90,8 +90,7 @@ class ApplicationGatewayMiddleware:
         # TODO: How to choose upstream?
         upstream = self.app_gw.upstream[0]
 
-        if not getattr(self, '_parsed_url', None):
-            self._parsed_url = urlparse(upstream)
+        self._parsed_url = urlparse(upstream)
 
         if self._parsed_url.scheme not in ('http', 'https'):
             raise InvalidUpstream(ERRORS_MESSAGES['upstream-no-scheme'] %

From 81ac9518725d95d7ffcf9cf7ca253a12f468129e Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@haufe-lexware.com>
Date: Fri, 22 Mar 2019 10:55:26 +0100
Subject: [PATCH 2/2] validate upstream in form

---
 passbook/app_gw/forms.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/passbook/app_gw/forms.py b/passbook/app_gw/forms.py
index 928e0f7d5..fb3df1507 100644
--- a/passbook/app_gw/forms.py
+++ b/passbook/app_gw/forms.py
@@ -1,4 +1,5 @@
 """passbook Application Security Gateway Forms"""
+from urllib.parse import urlparse
 
 from django import forms
 from django.contrib.admin.widgets import FilteredSelectMultiple
@@ -19,9 +20,18 @@ class ApplicationGatewayProviderForm(forms.ModelForm):
         if ApplicationGatewayProvider.objects \
                 .filter(server_name__overlap=current) \
                 .exclude(pk=self.instance.pk).exists():
-            raise ValidationError("Server Name already in use.")
+            raise ValidationError(_("Server Name already in use."))
         return current
 
+    def clean_upstream(self):
+        """Check that upstream begins with http(s)"""
+        for upstream in self.cleaned_data.get('upstream'):
+            _parsed_url = urlparse(upstream)
+
+            if _parsed_url.scheme not in ('http', 'https'):
+                raise ValidationError(_("URL Scheme must be either http or https"))
+        return self.cleaned_data.get('upstream')
+
     class Meta:
 
         model = ApplicationGatewayProvider